“Equifax…failed to implement an adequate security program to protect this sensitive data…Such a breach was entirely preventable.” So concludes the December 2018 report on “The Equifax Data Breach” by the U.S. House of Representatives Committee on Oversight and Government Reform.
The cause, according to the report, was Equifax’s “acquisition strategy [to benefit] bottom line and stock price,” which “growth brought increasing complexity to Equifax’s IT systems, and expanded data security risks.” Risks, it seems, Equifax did not manage. In 2017, the Department of Homeland Security…Continue reading...

Colorado’s Protections for Consumers Data Privacy Act, unanimously approved by the state legislature on May 29, imposes heightened data protection and breach notification requirements on businesses of all sizes and government entities. It affects all entities that receive, collect, create or save personally identifiable information (PII) from Colorado residents, customers, employees or even prospective employees. The law comes in the wake of the Equifax data breach in 2017, and Colorado being rated the second riskiest state for identity theft in a 2017 study, only…Continue reading...

On November 21, 2018 Pennsylvania’s highest court ruled that employers in Pennsylvania have an affirmative legal duty to protect workers’ sensitive data from possible hacking. This ruling has profound implications for employers, which may now be subject to liability for failing to take reasonable precautions to protect their employees from cyber attacks.
In a proposed class action, employees of the University of Pittsburgh Medical Center sought damages after a data breach exposed the personal information – including names, dates of birth, addresses, Social Security numbers,…Continue reading...

A Russian company known as Federal Agency of News, LLC (FAN), whose accountant was indicted by federal prosecutors for her alleged role in “Project Lakhta” – a Russian interference operation in political and electoral systems targeting populations in, among other places, the United States – has sued Facebook alleging it is a legitimate news outlet whose Facebook account must be restored.
On November 20, 2018, FAN and its sole shareholder, Evgeniy Zubarev, commenced suit against Facebook in the United States District Court, Northern District of …Continue reading...

The unfortunately reality of cyber theft is that it’s much like any other type of theft – even if the criminal is caught, it’s unlikely that the ill-gotten gains will ever be fully recovered. There are simply too many ways to hide their destination or make them disappear. This often means the victim will seek other avenues for recouping losses, including filing a civil action against entities or individuals who allegedly could have helped prevent the theft. In the case of O’Neill, Bragg & Staffin, …Continue reading...

On November 13, the U.S. House of Representatives voted unanimously to pass bipartisan legislation creating the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS). The CISA Act (H.R. 3359), first introduced in July, 2017, passed the Senate in October. It will “reorganize DHS’ National Protection and Programs Directorate (NPPD) into a new agency and prioritize its mission as the Federal leader for cyber and physical infrastructure security,” according to a statement released by DHS.
The new agency…Continue reading...

On Monday, November 12, 2018 , during the Internet Governance Forum at UNESCO’s headquarters in Paris, the French President Emmanuel Macron announced an international agreement referred to as the “Paris Call for Trust and Security in Cyberspace.” The agreement was signed by over 50 countries as well as businesses, including Facebook, Google, and Microsoft, and other organizations. Australia, the United States, Israel, Russia, and China are notably absent.
The agreement first highlights the central role cyberspace plays in every aspect of present life and reaffirms…Continue reading...

Colorado’s Protections for Consumers Data Privacy Act, unanimously approved by the state legislature on May 29, 2018, imposes heightened data protection and breach notification requirements on businesses of all sizes and government entities. It affects all entities that receive, collect, create or save personally identifiable information (PII) from Colorado residents, customers, employees or even prospective employees. The law comes in the wake of the Equifax data breach in 2017, and Colorado being rated the second riskiest state for identity theft in a 2017 study,…Continue reading...

The frequency and scope of data breaches are growing every day. Hackers have set their sights on law firms because of the treasure trove of valuable data they hold. News of cyberattacks against the legal community has been splashed across the covers of business publications and warned about by professional organizations for a number of years, so this isn’t anything new. What is astonishing, however, is that law firms are still lagging behind with respect to insurance coverage for cyber risks and the implementation of…Continue reading...

On November 1, 2018, Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) was amended to include stringent, mandatory breach notification rules. These rules are similar to the European Union’s General Data Protection Regulation (GDPR), which took effect in May, 2018. Organizations that conduct business in Canada will be subject to PIPEDA as well as the GDPR, if that organization is accessible in the European market. The new PIPEDA regulations reinforce the image of Canada as an international leader in personal data protection…Continue reading...

About Us

Goldberg Segalla is one of the largest and fastest-growing law firms headquartered in the United States, with a footprint that reaches from Los Angeles to London. Its nearly 400 attorneys serve regional, national, and international clients from over 20 offices, with teams based in New York, Chicago, Philadelphia, Miami, St. Louis, and other major business and economic centers across 10 states. An AmLaw200 firm, Goldberg Segalla handles all forms of dispute resolution, guides clients through complex transactions, and provides proactive legal and regulatory counsel to help companies and professionals from a wide range of industries minimize and manage risk.
&nbsp
For more information, visit our website.